|
|
Log in / Subscribe / Register

Mageia alert MGASA-2012-0314 (transmission)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2012-0314: transmission-2.51-1.2.mga2
 (2/core) 


Date:
    	      Mon, 29 Oct 2012 18:39:46 +0100


Message-ID:
    	      <20121029173946.GA15335@valstar.mageia.org>



MGASA-2012-0314
Date: 	October 29th, 2012
Affected releases: 	2


Description:
Updated transmission packages fix security vulnerability:

Multiple cross-site scripting (XSS) vulnerabilities in the web client in
Transmission before 2.61 allow remote attackers to inject arbitrary web
script or HTML via the (1) comment, (2) created by, or (3) name field in
a torrent file (CVE-2012-4037).


Updated Packages:
transmission-daemon-2.51-1.2.mga2
transmission-cli-2.51-1.2.mga2
transmission-common-2.51-1.2.mga2
transmission-gtk-2.51-1.2.mga2
transmission-qt4-2.51-1.2.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4037
http://www.ubuntu.com/usn/usn-1584-1/
https://bugs.mageia.org/show_bug.cgi?id=7590
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds